At the first of three Congressional hearings slated this week to examine the Equifax mega-breach, one Republican said of the company's delay in detecting the breach: "It's like the guards of Fort Knox forgot to lock the doors and failed to notice the thieves were emptying the vaults."
The latest edition of the ISMG Security Report is devoted to a special report on how enterprises around the world should prepare for the European Union's General Data Protection Regulation, which starts being enforced in May.
Equifax is facing increased scrutiny from Congress, including a bill that would mandate free credit freezes for consumers, on demand. But a true fix would require Congress to give U.S. government consumer watchdogs more power.
If the Equifax breach turns out like every other massive data breach we've seen for more than a decade, after a big brouhaha - from Congress, state attorneys general, consumer rights groups and class-action lawsuits - nothing will change, because that would require Congress to give Americans more privacy rights.
The telecom sector in India has repeatedly been targeted by malware attacks, raising serious concerns about vulnerabilities in one of the largest local business sectors. As a result, some security experts are calling for stronger enforcement of regulations and more frequent security audits.
Australia's mandatory data breach notification law, which goes into effect next February, brings a host of new requirements. Gordon Hughes, an attorney and data protection expert, discusses what organizations need to be aware of ahead of its implementation.
A discussion on the latest happenings in the darknet marketplace leads the latest edition of the ISMG Security Report. Also, getting to the bottom of Russia's Democratic Party hack could be the ultimate goal of a lawsuit filed against the Donald Trump presidential campaign.
Who are the top security analytics (SA) providers, and what sets them apart? Forrester researched, analyzed and scored the 11 most significant SA vendors to help organizations evaluate their offerings.
Download this whitepaper and learn:
Who the top four leaders in the market are;
Why security and risk (S&R)...
For public sector agencies caught between the prohibitive cost of a formal security operations center (SOC) and the wholly inadequate protection from an informal SOC, there is a solution: building a SOC that automates as much of the work as possible.
Download this whitepaper and learn:
How automation can help a...
A public sector agency that makes use of security intelligence and analytics takes the burden off its OPSEC team. Powerful machine analytics can make associations among traces of evidence and identify security events much more quickly and efficiently than humans can. Automation enables you to respond to an incident in...
When a threat actor targets your environment, a process unfolds from initial intrusion through eventual data breach - if that threat actor is left undetected. The modern approach to cybersecurity requires a focus on reducing MTTD and MTTR, where threats are detected and killed early in their lifecycle, thereby...
New cybersecurity legislation under consideration in Singapore would make it mandatory for owners of critical information infrastructure to report security breaches within hours and require cybersecurity vendors providing highly sensitive services to be licensed.
The General Data Protection Regulation (GDPR) is set to come into effect in May 2018. Every business, government, and public sector entity that touches European Union residents' data will need to rethink their data management approaches in order to stay compliant and thereby avoid massive new fines and bad publicity....
A discussion that explores the predicament many information security managers face when deciding which security technologies to buy in a glutted market leads the latest edition of the ISMG Security Report. Also: An update on cyber flaws in connected vehicles and the latest from Infosecurity Europe.